Bug 6694: Problem with casAuthentication syspref

A missing test in checkauth caused anonymous session to be destroyed and
re-created at every call when this syspref was set.
Almost the same issue is also fixed in check_api_auth, which caused
C4::Service->init to fail.

Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This commit is contained in:
Julian Maurice 2011-08-10 11:41:06 +02:00 committed by Paul Poulain
parent ceb5757573
commit 8ffbf4e88c

View file

@ -688,7 +688,8 @@ sub checkauth {
$userid = $session->param('id');
$sessiontype = $session->param('sessiontype');
}
if ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) ) {
if ( ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) )
|| ( $cas && $query->param('ticket') ) ) {
#if a user enters an id ne to the id in the current session, we need to log them in...
#first we need to clear the anonymous session...
$debug and warn "query id = " . $query->param('userid') . " but session id = " . $session->param('id');
@ -751,7 +752,7 @@ sub checkauth {
C4::Context->_new_userenv($sessionID);
$cookie = $query->cookie(CGISESSID => $sessionID);
$userid = $query->param('userid');
if ($cas || $userid) {
if (($cas && $query->param('ticket')) || $userid) {
my $password = $query->param('password');
my ($return, $cardnumber);
if ($cas && $query->param('ticket')) {
@ -1117,7 +1118,7 @@ sub check_api_auth {
unless ($query->param('userid')) {
$sessionID = $query->cookie("CGISESSID");
}
if ($sessionID && not $cas) {
if ($sessionID && not ($cas && $query->param('PT')) ) {
my $session = get_session($sessionID);
C4::Context->_new_userenv($sessionID);
if ($session) {